It is important that all email communication containing PHI is kept confidential. We've made this process easy for you with ZixCorp's protection services. There are no keys to exchange or cumbersome steps to remember, and it works seamlessly with our current email application, so there's no learning curve and no information to transfer.
Email messages containing PHI will be sent securely. Recipients go through a few simple steps to access messages and can also respond securely to email messages, free of charge.
If you have any questions, contact Customer Support at firstname.lastname@example.org.
What is Secure Messaging?
Secure Messaging is the automatic process of:
- Identifying outbound email messages that contain Protected Health Information (PHI).
- Encrypting the email messages that have been identified as containing PHI.
- Sending encrypted email messages using ZixCorp's Best Method of Delivery™
How is PHI identified?
The content of all outbound messages are scanned and compared against two lexicons, or dictionaries.
- Identifier Lexicon has a criteria of identifier information
Example: Social Security numbers
- HIPAA Lexicon contains HIPAA terminology
Example: a health condition/disease
The content of the email message must meet a criteria defined in both lexicons for encryption to occur.
- Example 1: Message is encrypted if the message or attachments contain a Social Security number and a name of a disease.
- Example 2: Message is not be encrypted if the message or attachments only include a Social Security number.
- Example 3: Message is not be encrypted if the message or attachments only include a name of a disease.
What if PHI is in the email message Subject Line?
It is not practical to encrypt the Subject Line of an email message. Therefore, any email messages that contain PHI in the Subject Line will be rejected and returned to the sender.
- Review the Subject Line
- Make necessary corrections
- Resend the email message
Why are we implementing Secure Messaging?
With the adoption of the HIPAA guidelines, it is required that all communications containing PHI be secured. To help implement this important and practical security measure, we are using secure messaging services to protect our email communications and ensure all PHI remains confidential.
How do I send a Secure Message?
If lexicon policies are used exclusively, the encryption process happens transparently without requiring any user input. Refer to "What is Secure Messaging?" above for more details.
If you are using ZixMail for point-to-point secure email delivery, click the ZixMail button in your regular email toolbar to automatically encrypt a message.
Your organization may have also set up a special keyword encryption policy. In this case, type the specific keyword (e.g. secure or confidential) in the Subject Line of your message and the content is automatically encrypted once it is sent. Contact your secure email administrator to confirm your company's specific keyword and its usage (e.g. keyword may need to be located at the beginning or at the end of the Subject Line).
What if the recipient does not retrieve the message?
If the recipient does not retrieve the message before the expiration date, you will receive an expiration notification message. The original message will be deleted from the secure Web site.